bastion/nginx-proxy-manager
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

V1 Importer work

Browse Source
This commit is contained in:
Jamie Curnow
2018-08-21 14:10:38 +10:00
parent 8d925deeb0
commit c7260bcb9f
17 changed files with 433 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/backend/internal/access-list.js
View File

@ -31,7 +31,7 @@ const internalAccessList = {
.omit(omissions())
.insertAndFetch({
name: data.name,
owner_user_id: access.token.get('attrs').id
owner_user_id: access.token.getUserId(1)
});
})
.then(row => {
@ -198,10 +198,6 @@ const internalAccessList = {
data = {};
}
if (typeof data.id === 'undefined' || !data.id) {
data.id = access.token.get('attrs').id;
}
return access.can('access_lists:get', data.id)
.then(access_data => {
let query = accessListModel
@ -215,7 +211,7 @@ const internalAccessList = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('access_list.owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -340,7 +336,7 @@ const internalAccessList = {
.orderBy('access_list.name', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

2
src/backend/internal/audit-log.js
View File

@ -56,7 +56,7 @@ const internalAuditLog = {
return new Promise((resolve, reject) => {
// Default the user id
if (typeof data.user_id === 'undefined' || !data.user_id) {
data.user_id = access.token.get('attrs').id;
data.user_id = access.token.getUserId(1);
}
if (typeof data.action === 'undefined' || !data.action) {

10
src/backend/internal/certificate.js
View File

@ -99,7 +99,7 @@ const internalCertificate = {
create: (access, data) => {
return access.can('certificates:create', data)
.then(() => {
data.owner_user_id = access.token.get('attrs').id;
data.owner_user_id = access.token.getUserId(1);
if (data.provider === 'letsencrypt') {
data.nice_name = data.domain_names.sort().join(', ');
@ -261,10 +261,6 @@ const internalCertificate = {
data = {};
}
if (typeof data.id === 'undefined' || !data.id) {
data.id = access.token.get('attrs').id;
}
return access.can('certificates:get', data.id)
.then(access_data => {
let query = certificateModel
@ -275,7 +271,7 @@ const internalCertificate = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -364,7 +360,7 @@ const internalCertificate = {
.orderBy('nice_name', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

6
src/backend/internal/dead-host.js
View File

@ -46,7 +46,7 @@ const internalDeadHost = {
})
.then(() => {
// At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id;
data.owner_user_id = access.token.getUserId(1);
return deadHostModel
.query()
@ -219,7 +219,7 @@ const internalDeadHost = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -307,7 +307,7 @@ const internalDeadHost = {
.orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

6
src/backend/internal/proxy-host.js
View File

@ -46,7 +46,7 @@ const internalProxyHost = {
})
.then(() => {
// At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id;
data.owner_user_id = access.token.getUserId(1);
return proxyHostModel
.query()
@ -220,7 +220,7 @@ const internalProxyHost = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -308,7 +308,7 @@ const internalProxyHost = {
.orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

6
src/backend/internal/redirection-host.js
View File

@ -46,7 +46,7 @@ const internalRedirectionHost = {
})
.then(() => {
// At this point the domains should have been checked
data.owner_user_id = access.token.get('attrs').id;
data.owner_user_id = access.token.getUserId(1);
return redirectionHostModel
.query()
@ -219,7 +219,7 @@ const internalRedirectionHost = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -307,7 +307,7 @@ const internalRedirectionHost = {
.orderBy('domain_names', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

4
src/backend/internal/report.js
View File

@ -1,7 +1,5 @@
'use strict';
const _ = require('lodash');
const error = require('../lib/error');
const internalProxyHost = require('./proxy-host');
const internalRedirectionHost = require('./redirection-host');
const internalDeadHost = require('./dead-host');
@ -16,7 +14,7 @@ const internalReport = {
getHostsReport: access => {
return access.can('reports:hosts', 1)
.then(access_data => {
let user_id = access.token.get('attrs').id;
let user_id = access.token.getUserId(1);
let promises = [
internalProxyHost.getCount(user_id, access_data.visibility),

6
src/backend/internal/stream.js
View File

@ -21,7 +21,7 @@ const internalStream = {
return access.can('streams:create', data)
.then(access_data => {
// TODO: At this point the existing ports should have been checked
data.owner_user_id = access.token.get('attrs').id;
data.owner_user_id = access.token.getUserId(1);
if (typeof data.meta === 'undefined') {
data.meta = {};
@ -113,7 +113,7 @@ const internalStream = {
.first();
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Custom omissions
@ -201,7 +201,7 @@ const internalStream = {
.orderBy('incoming_port', 'ASC');
if (access_data.permission_visibility !== 'all') {
query.andWhere('owner_user_id', access.token.get('attrs').id);
query.andWhere('owner_user_id', access.token.getUserId(1));
}
// Query is used for searching

4
src/backend/internal/token.js
View File

@ -98,7 +98,7 @@ module.exports = {
data = data || {};
data.expiry = data.expiry || '30d';
if (access && access.token.get('attrs').id) {
if (access && access.token.getUserId(0)) {
// Create a moment of the expiry expression
let expiry = helpers.parseDatePeriod(data.expiry);
@ -107,7 +107,7 @@ module.exports = {
}
let token_attrs = {
id: access.token.get('attrs').id
id: access.token.getUserId(0)
};
// Only admins can request otherwise scoped tokens

8
src/backend/internal/user.js
View File

@ -179,7 +179,7 @@ const internalUser = {
}
if (typeof data.id === 'undefined' || !data.id) {
data.id = access.token.get('attrs').id;
data.id = access.token.getUserId(0);
}
return access.can('users:get', data.id)
@ -253,7 +253,7 @@ const internalUser = {
}
// Make sure user can't delete themselves
if (user.id === access.token.get('attrs').id) {
if (user.id === access.token.getUserId(0)) {
throw new error.PermissionError('You cannot delete yourself.');
}
@ -352,7 +352,7 @@ const internalUser = {
getUserOmisionsByAccess: (access, id_requested) => {
let response = []; // Admin response
if (!access.token.hasScope('admin') && access.token.get('attrs').id !== id_requested) {
if (!access.token.hasScope('admin') && access.token.getUserId(0) !== id_requested) {
response = ['roles', 'is_deleted']; // Restricted response
}
@ -378,7 +378,7 @@ const internalUser = {
throw new error.InternalValidationError('User could not be updated, IDs do not match: ' + user.id + ' !== ' + data.id);
}
if (user.id === access.token.get('attrs').id) {
if (user.id === access.token.getUserId(0)) {
// they're setting their own password. Make sure their current password is correct
if (typeof data.current === 'undefined' || !data.current) {
throw new error.ValidationError('Current password was not supplied');